IPsec traffic analysis

Is it possible to do traffic analysis of an IPsec tunnel. This week I changed over from a private WAN to a IPsec tunnel over the Internet. I was monitoring traffic with NetFlow but the CLI tells me this is not possible for IPsec when I try to enable it. We use PRTG for monitoring and logging. This has the ability to analyze raw packet capture if I can get the packets to it. Sounds like this is possible with SPAN on a hardware switch (which we have). But of course IPsec is a virtual interface.